profanity-im / libmesode

*Deprecated* Fork of libstrophe (https://github.com/strophe/libstrophe) for use with Profanity XMPP Client

Enable distro-defined OpenSSL trust store #17

Closed kousu closed 4 years ago

kousu commented 4 years ago

Without SSL_CTX_set_default_verify_paths(), SSL_CTX_load_verify_locations() has to be hand-fed the right paths for the current OS. With the current library API it only supports CApaths and cannot support CAfiles, so even though profanity feeds it the usual default path this makes it incompatible with OpenBSD, and probably others, that only ship a CAfile.

For the difference between CApaths and CAfiles, read https://www.openssl.org/docs/man1.0.2/man3/SSL_CTX_load_verify_locations.html and/or https://man.openbsd.org/SSL_CTX_set_default_verify_paths.

Fixes https://github.com/profanity-im/profanity/issues/1234
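Added example (not libmesode's or Profanity's code) of the trust-store setup the comment above argues for: start from the distro default store, then accept an operator-supplied location whether it is a CAfile or a CApath. It uses Python's `ssl` module, whose `load_default_certs()` calls `SSL_CTX_set_default_verify_paths()` and whose `load_verify_locations()` calls `SSL_CTX_load_verify_locations()`; the `cert.pem` / `certs` paths are constructed stand-ins for the OpenBSD and Debian layouts.

```python
"""Trust-store configuration that does not hard-code CApath-only behaviour."""
import os
import ssl
import tempfile


def classify_trust_location(path):
    """Decide whether a user-supplied trust location is a CAfile or a CApath.

    OpenBSD ships only a bundle file (/etc/ssl/cert.pem); Debian-style systems
    ship a hashed directory (/etc/ssl/certs). An API that only accepts CApath
    cannot be pointed at the former.
    """
    if os.path.isdir(path):
        return "capath"
    if os.path.isfile(path):
        return "cafile"
    raise FileNotFoundError(f"trust location does not exist: {path}")


def build_verify_context(extra_location=None):
    """Build a verifying client context: distro defaults first, extras second."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.check_hostname = True
    # Same as SSL_CTX_set_default_verify_paths(): OpenSSL uses the CAfile
    # and/or CApath compiled in for this OS, so no path guessing is needed.
    ctx.load_default_certs(ssl.Purpose.SERVER_AUTH)
    if extra_location is not None:
        kind = classify_trust_location(extra_location)
        if kind == "capath":
            ctx.load_verify_locations(capath=extra_location)
        else:
            ctx.load_verify_locations(cafile=extra_location)
    return ctx


def describe_default_store():
    """Report which of the compiled-in default locations actually exist here."""
    p = ssl.get_default_verify_paths()
    return {
        "cafile": p.openssl_cafile, "cafile_present": os.path.isfile(p.openssl_cafile),
        "capath": p.openssl_capath, "capath_present": os.path.isdir(p.openssl_capath),
    }


def demo():
    """Constructed layouts: a lone bundle file and a hashed directory."""
    with tempfile.TemporaryDirectory() as d:
        bundle = os.path.join(d, "cert.pem")   # stand-in for /etc/ssl/cert.pem
        open(bundle, "w").close()              # empty, so it is classified but not loaded
        hashed_dir = os.path.join(d, "certs")  # stand-in for /etc/ssl/certs
        os.mkdir(hashed_dir)
        return {
            "bundle": classify_trust_location(bundle),
            "hashed_dir": classify_trust_location(hashed_dir),
            "dir_ctx_verifies": build_verify_context(hashed_dir).verify_mode == ssl.CERT_REQUIRED,
        }
```

Run `describe_default_store()` on a given box to see which of the two defaults the OpenSSL build expects; on a CAfile-only system the `capath_present` flag is false, which is exactly the case a CApath-only API cannot serve.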

kousu commented 4 years ago

I was about to go patch this in libstrophe too, but it turns out they already only use the latter:

https://github.com/strophe/libstrophe/blob/6852da97aef2b0e690b0c442bd58219e0dcf2ffb/src/tls_openssl.c#L139

jubalh commented 4 years ago

I plan to deprecate libmesode soon in favour of libstrophe. I hope that for the next release of libstrophe we can already have libmesode changes upstreamed in libstrophe itself so that only libstrophe is necessary.

@pasis what do you think?

pasis commented 4 years ago

Merged, thanks.

@jubalh deprecating libmesode is the plan, but the current implementation of the extra features in libmesode ain't in good shape for libstrophe. We need to think about a good interface for similar functionality, implement it for all TLS modules and rewrite Profanity to use the new libstrophe interface. Until then libmesode may be required for some users.